CN109067739A - Encryption of communicated data method and apparatus - Google Patents

Encryption of communicated data method and apparatus Download PDF

Info

Publication number
CN109067739A
CN109067739A CN201810852593.2A CN201810852593A CN109067739A CN 109067739 A CN109067739 A CN 109067739A CN 201810852593 A CN201810852593 A CN 201810852593A CN 109067739 A CN109067739 A CN 109067739A
Authority
CN
China
Prior art keywords
terminal device
page data
data
parameter
page
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810852593.2A
Other languages
Chinese (zh)
Other versions
CN109067739B (en
Inventor
张驰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An Technology Shenzhen Co Ltd
Original Assignee
Ping An Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ping An Technology Shenzhen Co Ltd filed Critical Ping An Technology Shenzhen Co Ltd
Priority to CN201810852593.2A priority Critical patent/CN109067739B/en
Priority to PCT/CN2018/107638 priority patent/WO2020019478A1/en
Publication of CN109067739A publication Critical patent/CN109067739A/en
Application granted granted Critical
Publication of CN109067739B publication Critical patent/CN109067739B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/168Implementing security features at a particular protocol layer above the transport layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Transfer Between Computers (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses encryption of communicated data method and apparatus, wherein method includes: the access request to target pages for obtaining terminal device and initiating;Determining that there are in the case where safety insert in the terminal device according to the access request, the corresponding first page data of the target pages are obtained from the corresponding background server of the target pages according to the access request, the safety insert is for encryption or ciphertext data;The first page data are encrypted to obtain second page data using the first cipher mode arranged with the safety insert;The second page data are sent to the terminal device, so that the terminal device is decrypted the second page data by the safety insert to obtain the first page data.The tool that the program can scan the page to avoid scanner, reptile instrument etc. is directly obtained page data, and the data of page when flow is kidnapped is avoided to be acquired and distort.

Description

Encryption of communicated data method and apparatus
Technical field
The present invention relates to field of communication technology more particularly to encryption of communicated data method and apparatus.
Background technique
Website is to rely on the application of web technology foundation, and the information exchange each time in the application of website is directed to web client End and web services end, wherein the main task of web client is to show the information content to user, specifically utilizes html language Speech, shell script, CSS, plug-in part technology etc. realize that corresponding web page is shown;Web services end provides business for web client It supports, the technologies such as PHP, ASP, JSP is specifically utilized to realize corresponding function.The interaction flow at web services end and web client Generally are as follows: web client sends to web services end and requests, and the request that web services end group is issued in web client is to web client End returns to the corresponding data (such as html code) of the request.
In order to improve the safety of website, certain data of website can generally be added using certain encryption technology It is close, in current some Encryption Designs, the content to avoid website is mainly encrypted by the html code to website Structure is read easily.But there are also the interaction parameters between each function of number of site (as mentioned by post list at present User name, password of friendship etc.) it is to be transmitted in the form of plaintext, monitored risk is faced, the safety of website is not high enough.
Summary of the invention
The embodiment of the present invention provides encryption of communicated data method and apparatus, solves the problems, such as that web portal security is not high enough.
In a first aspect, providing a kind of encryption of communicated data method, comprising:
Obtain the access request to target pages that terminal device is initiated;
It determines in the terminal device according to the access request there are in the case where safety insert, according to the access Request obtains the corresponding first page data of the target pages, the safety from the corresponding background server of the target pages Plug-in unit is for encryption or ciphertext data;
The first page data are encrypted using the first cipher mode arranged with the safety insert to obtain Two page datas;
The second page data are sent to the terminal device, so that the terminal device passes through the safety insert pair The second page data are decrypted to obtain the first page data.
In the embodiment of the present invention, when receiving the access request of terminal device initiation, if it is determined that have in terminal device Safety insert then encrypts the corresponding page data of the access request using the cipher mode arranged with the safety insert, And the page data that encryption obtains is sent to terminal device, and since cipher mode is arranged with safety insert, terminal Equipment can be decrypted to obtain the page data of unencryption to show by the page data that safety insert obtains encryption The corresponding target pages of the access request can be scanned due to encrypting page data to avoid scanner, reptile instrument etc. The tool of the page is directly obtained page data, and the data of page when flow is kidnapped is avoided to be acquired and distort.
With reference to first aspect, in one possible implementation, the method also includes: according to the access request It determines in the terminal device there is no in the case where safety insert, third page data is sent to the terminal device, with Make the terminal device from safety insert described in the corresponding downloading page-downloading of the safety insert and is installed to the terminal and sets In standby, the third page data is the corresponding page data of the downloading page.By the way that third page data is sent to end End equipment can make the page jump shown on the terminal device to the downloading page of safety insert, to make terminal device can Safety insert to be downloaded and installed into terminal device, and then terminal device can use safety in interaction data and insert Part is encrypted or is decrypted to interactive data.
With reference to first aspect, in one possible implementation, described to send the second page to the terminal device After face data further include: obtain the parameter that the terminal device is initiated and submit request, it includes first that the parameter, which submits request, Parameter, first parameter are the parameter that the terminal device encrypts the second parameter by the safety insert, Second parameter is the parameter that the terminal device obtains that the page is got by parameter;Arrange using with the safety insert The first manner of decryption first parameter is decrypted to obtain second parameter;Second parameter is sent to described Background server.It is encrypted by the parameter that safety insert to submit terminal device, scanner, web crawlers etc. is avoided to sweep The tool of retouching gets these parameters, increases the safety of the interaction data between terminal device and background service.
With reference to first aspect, in one possible implementation, described that second parameter is sent to the backstage After server further include: obtain the 4th page data that the background server is returned according to second parameter;Using with Second cipher mode of the safety insert agreement is encrypted to obtain the 5th page data to the 4th page data;To institute It states terminal device and sends the 5th page data, so that the terminal device is by the safety insert to the 5th page Data are decrypted to obtain the 4th page data.
With reference to first aspect, in one possible implementation, described to join described second the encryption server It includes: Hyper text transfer (the hyper text transfer based on security socket layer that number, which is sent to the background server, Protocol over secure socket layer, HTTPS) second parameter is sent to the background service by agreement Device;The acquisition background server includes: to obtain the backstage according to the 4th page data that second parameter returns The 4th page data that server is returned according to second parameter based on the HTTPS agreement.It is carried out with background server It when interaction, is transmitted based on HTTPS agreement, it is ensured that the data interacted between background server are encryptions, to guarantee Interaction data is all encryption during entire transmission.
With reference to first aspect, in one possible implementation, it is described obtain terminal device initiate to target pages Access request after further include: judge whether the access request is CIPHERING REQUEST;If the access request is not encryption Request, it is determined that safety insert is not present in the terminal device;If the access request is CIPHERING REQUEST, it is determined that described There are safety inserts in terminal device.By judging whether access request is encrypted, may be implemented whether to deposit in terminal device In the judgement of safety insert.
With reference to first aspect, in one possible implementation, it is described according to the access request from the page object It includes: to be determined according to the access request that the corresponding background server in face, which obtains the corresponding first page data of the target pages, The mark of the terminal device;According to determining the second decryption side with safety insert agreement of the mark of the terminal device Formula;The encryption server is decrypted to obtain original access and ask using second manner of decryption to the CIPHERING REQUEST It asks;It is corresponding from the target pages corresponding background server acquisition target pages according to the original access request First page data.
Second aspect provides a kind of encryption of communicated data device, comprising:
Access request obtains module, for obtaining the access request to target pages of terminal device initiation;
Page data obtains module, for determining that there are safety inserts in the terminal device according to the access request In the case where, it is corresponding from the target pages corresponding background server acquisition target pages according to the access request First page data, the safety insert is for encryption or ciphertext data;
Encrypting module, for using the first cipher mode for arranging with the safety insert to the first page data into Row encryption obtains second page data;
Page data sending module, for sending the second page data to the terminal device, so that the terminal Equipment is decrypted the second page data by the safety insert to obtain the first page data.
The third aspect provides another encryption of communicated data device, including processor, memory and communication interface, institute It states processor, memory and communication interface to be connected with each other, wherein the communication interface is described to deposit for receiving or sending data Reservoir is used to store the application code that encryption of communicated data device executes the above method, and the processor is configured for holding The method of the above-mentioned first aspect of row.
Fourth aspect provides a kind of computer storage medium, and the computer storage medium is stored with computer program, institute Stating computer program includes program instruction, and described program instruction makes the processor execute above-mentioned first when being executed by a processor The method of aspect.
In the embodiment of the present invention, by being encrypted to the data interacted between terminal device and background server, guarantee The safety of the data interacted between terminal device and background server.
Detailed description of the invention
It to describe the technical solutions in the embodiments of the present invention more clearly, below will be to needed in the embodiment Attached drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the invention, for ability For the those of ordinary skill of domain, without creative efforts, it can also be obtained according to these attached drawings other attached Figure.
Fig. 1 is a kind of configuration diagram of web station system provided in an embodiment of the present invention;
Fig. 2 is a kind of flow diagram of encryption of communicated data method provided in an embodiment of the present invention;
Fig. 3 is the flow diagram of another encryption of communicated data method provided in an embodiment of the present invention;
Fig. 4 is a kind of composed structure schematic diagram of encryption of communicated data device provided in an embodiment of the present invention;
Fig. 5 is the composed structure schematic diagram of another encryption of communicated data device provided in an embodiment of the present invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Site preparation description, it is clear that the described embodiment is only a part of the embodiment of the present invention, instead of all the embodiments.Based on this Embodiment in invention, every other reality obtained by those of ordinary skill in the art without making creative efforts Example is applied, shall fall within the protection scope of the present invention.
Technical solution of the present invention is suitable for traditional web station system with plaintext version transmission data, and web station system can wrap Include website client end and website service end.Website client end is user oriented client, for providing service for user.The net Client of standing can be universal client, and universal client can provide service for multiple Website servers, such as It can be browser;The website client end can also specific client, which is served only for as some ad hoc networks It stands offer service, for example, " Tencent's video " client.Under normal circumstances, which operates in the terminal device of user On, wherein terminal device includes but is not limited to that mobile phone, computer, tablet computer, electronic reader etc. have website browsing function Electronic equipment.For managing and providing the resource of the web station system to website client end, website service end is used at website service end There is provided various data to website client end allows the website client end to showing the various pages.The website service end can be with It is made of one or more server.The embodiment of the present invention passes through in traditional web station system for transmitting data with plaintext version Increase encryption server, and the corresponding safety insert of mating exploitation encryption server, the safety insert can be downloaded installation Into terminal device, terminal device can the safety insert data are encrypted or are decrypted, utilize encryption server and safety The data that the data and website client end that plug-in unit difference website service end is sent to website client end are sent to web site server end It is encrypted, to realize the purpose for ensureing web portal security.Illustratively, the framework of the web station system of the embodiment of the present invention can be as Shown in Fig. 1, web station system includes the website client end operated on terminal device 101, encryption server 102 and website service Device 103, wherein encryption server 102 is used to carry out the data that Website server is sent to terminal device encryption and to end The data that end equipment is sent to Website server are decrypted, and safety insert is also equipped on terminal device, which uses It is decrypted in the data for being sent to terminal device to Website server and is sent to the number of Website server to terminal device According to being encrypted.
The method of the embodiment of the present invention may be implemented that the embodiment of the present invention is described below in system architecture shown in Fig. 1 Method.
Referring to fig. 2, Fig. 2 is a kind of flow diagram of encryption of communicated data method provided in an embodiment of the present invention;Such as figure It is shown, this method comprises:
S201, terminal device initiate the access request to target pages, and encryption server obtains the access to target pages Request.
Here, terminal device initiates to ask the access of target pages by the website client end operated in terminal device It asks, which is one of page of web station system.In the case where the website client end is universal client, The target pages can be the one of page for any one web station system that user wants access to;It is at the website client end In the case where specific client, which is one of page of the corresponding web station system in website client end.
The target pages correspond to a uniform resource locator (uniform resource location, URL), the visit Ask that request carries the URL, which is directed toward Internet protocol (Internet protocol, an IP) address, which is The address of access request access.
In the embodiment of the present invention, the IP address which is directed toward can have following two design:
The first design, the IP address which is directed toward are the IP address of encryption server.When terminal device is initiated to the mesh When marking the access request of the page, terminal device carries out domain name analysis system (domain name system, DNS) solution to the URL Analyse the IP address that obtained IP address is the encryption server.Terminal device takes according to the IP address of the encryption server to encryption Device of being engaged in is initiated to the access requests of target pages, and encryption server obtains the access to target pages by received mode and asks It asks.
Second of design, the IP address which is directed toward are the IP address of background server.When terminal device is initiated to the mesh When marking the access request of the page, terminal device is the IP address of the background server to the IP address that the URLDNS is parsed. Terminal device initiates the access request to target pages, cryptographic services to background server according to the IP address of the background server Device intercepts the access request of the access request to obtain this to target pages to target pages in such a way that flow is kidnapped.
S202, encryption server judge in terminal device with the presence or absence of safety insert.
In the embodiment of the present invention, safety insert can be the software program with the mating exploitation of encryption server, safety insert It can be communicated with encryption server, safety insert is used when communicated with encryption server to complete to encryption data to be added The negotiation of used decipherment algorithm and decruption key when close algorithm and encryption key and ciphertext data.It can be wrapped in safety insert It includes and carries out software program corresponding to the corresponding operation of one or more Encryption Algorithm.When safety insert and encryption server are negotiated Used Encryption Algorithm and when encryption key when good encryption data, the safety insert to the encryption key and can need to encrypt Data carry out the corresponding operation of the Encryption Algorithm and encrypted with the data encrypted to the needs.When safety insert and encryption take When business device consults used decipherment algorithm and decruption key when ciphertext data, the safety insert can to the decruption key and Data to be decrypted is needed to carry out the corresponding operation of the decipherment algorithm to need data to be decrypted to be decrypted this.
In one possible implementation, encryption server can judge eventually according to the access request to target pages It whether there is safety insert in end equipment equipment, specific judgment mode can be such that encryption server judges this to target pages Access request whether be CIPHERING REQUEST;If the access request is not CIPHERING REQUEST, it is determined that there is no peaces in terminal device Full plug-in unit;If the access request is CIPHERING REQUEST, it is determined that there are safety inserts in terminal device.
In the specific implementation, encryption server can by judge the data in the access request to target pages whether be Whether clear data is come to judge the access request to target pages be CIPHERING REQUEST, if the access request to target pages In at least partial data be not clear data, it is determined that the access request be CIPHERING REQUEST, if this is to target pages All data in access request are clear data, it is determined that the access request is not CIPHERING REQUEST.
There are in the case where safety insert in determining terminal device, encryption server can determine terminal according to access request The mark of equipment, according to determining the second manner of decryption with the safety insert agreement in terminal device of the mark of terminal device, so The CIPHERING REQUEST is decrypted using the second manner of decryption afterwards to obtain original access request, executes step S203.
Here, since, there are safety insert, encryption server can send this to target in terminal device in terminal device Negotiate the encrypting and decrypting mode of the access request before the access request of the page with the safety insert in terminal device, i.e., agreement should Safety insert encrypts the cipher mode of access request use and the encryption server decrypts the decryption that the access request uses Mode.
In the embodiment of the present invention, cipher mode specifically may include Encryption Algorithm and encryption key, and manner of decryption specifically may be used Including decipherment algorithm and decruption key, the Encryption Algorithm and decipherment algorithm once arranged are mutual corresponding algorithm, once about Fixed encryption key and the decruption key is mutual corresponding key.In some possible implementations, the Encryption Algorithm pair The operation answered operation corresponding with the decipherment algorithm is an identical operation of execution logic, for example, the Encryption Algorithm is corresponding Operation operation corresponding with the decipherment algorithm is hash value operation;In other possible implementations, the Encryption Algorithm Corresponding operation operation inverse operation each other corresponding with the decipherment algorithm.If the encryption of encryption server and safety insert agreement The Encryption Algorithm of the access request and the decipherment algorithm for decrypting the access request are symmetry algorithm, then encryption key and decryption are close Key is identical.If the Encryption Algorithm for the decryption access request that encryption server is arranged with safety insert and decrypting the access and asking The decipherment algorithm asked is that asymmetric arithmetic, then encryption key and decruption key are pairs of public key and private key, wherein if should add Key is public key, then the decruption key is private key, if the encryption key is private key, which is public key.
Here, the mark of terminal device can be the mark of terminal device itself, for example, the device identification of terminal device, The IP address of terminal device is also possible to the identification information that encryption server distributes to terminal device, as session information, Cookie information can also be that encryption server and safety insert arrange the identification information arranged when the second manner of decryption.Wherein, In terminal device the case where being identified as the identification information arranged when encryption server arranges the second manner of decryption with safety insert Under, when the safety insert, which encrypts the access request, to be encrypted using the cipher mode of agreement to the access request, the safety insert The identification information of the agreement is added in the access request.
In the specific implementation, encryption server obtains the mark of the terminal device from the access request, then in basis After determining the second manner of decryption with safety insert agreement of the mark of terminal device, to the corresponding solution of the second manner of decryption Key with the data being encrypted in the access request carry out the corresponding decipherment algorithm of second manner of decryption corresponding to operation Obtain original access request.
In the case where determining that safety insert is not present in terminal device, encryption server executes step S209.
S203, encryption server send the corresponding resource acquisition request of target pages, background server to background server Receive the resource access request to target pages.
Here, background server is the corresponding background server of the target pages, namely the website comprising the target pages The background server of system.The corresponding resource acquisition request of target pages is for requesting the background server to return to the target pages Corresponding first page data, the first page data can make the website when being run by the website client end in terminal device Client shows the target pages.
In the embodiment of the present invention, encryption server, which sends the corresponding resource acquisition request of target pages to background server, to be had Following two situation:
The first situation, the IP address that the URL that carries in the access request to target pages is directed toward be it is above-mentioned the first In the case where design, can in encryption server the preset background server IP address, and by the IP of background server Location is associated with target access request, when encryption server gets target access request, requests to close according to the target access The IP address of connection determines that the target access requests the resource of corresponding page data on the background server, thus cryptographic services Device can initiate the corresponding resource of target pages to the background server according to IP address corresponding with target access request and obtain Take request, wherein target access request refers to asks with the associated access request of the background server, the i.e. correlation of the web station system It asks.
For example, preparatory " pingan.com " this domain name is corresponding with the IP address of background server, background server IP address be 192.168.11.32, when encryption server receives in access request carrying " pingan.com " this domain name Request when, for example, www.pingan.com/login, due to this request in carry " pingan.com ", then can be true Fixed to request the IP address of corresponding background server for 192.168.11.32 with this, then encryption server is to IP address 192.168.11.32 background server initiate the corresponding resource request of the access request.
Second situation, the IP address that the URL carried in the access request of target pages is directed toward set for above-mentioned second In the case where meter, encryption server, can be to taking in the access request after being truncated to the access request to target pages The URL of band carries out dns resolution and obtains the IP address of the background server, and the backstage that encryption server can be obtained according to parsing takes The IP address of business device initiates the corresponding resource acquisition request of target pages to background server.Specifically, the target pages are corresponding Resource acquisition request can be the access request to target pages.
For example, the URL carried in the access request that encryption server is truncated to is www.pingan.com/login, encryption Server by DNS mode parse the URL obtain the corresponding IP address of the URL be 202.132.11.32, then encryption server to The server that IP address is 202.132.11.32 initiates the corresponding resource request of target pages.
S204, background server send the corresponding first page data of target pages, and encryption server obtains target pages Corresponding first page data.
Here, background server finds the target according to the corresponding resource acquisition request of the target pages from directory web site The corresponding site file of the page obtains first page data from the site file, then sends the first page data.
In the embodiment of the present invention, in the case that the URL carried in the access request is the first above-mentioned design, backstage is taken Device be engaged in the corresponding first page data of encryption server transmission target pages, encryption server is obtained by received mode The corresponding first page data of target pages;In the case that the URL carried in the access request is above-mentioned second of design, after Platform server sends target to the terminal device and sends the corresponding first page data of the page, which is robbed by flow The mode held intercepts this to the corresponding first page data of target pages.
Optionally, if the URL carried in the access request is the first above-mentioned design, in the first possible realization side In formula, encryption server can be communicated with background server based on HTTPS agreement.Wherein, encryption server can be based on HTTPS agreement sends the corresponding resource acquisition request of target pages to background server, and encryption server can be assisted based on HTTPS It discusses to encryption server and sends the corresponding first page data of the target pages.In the second possible implementation, should add The access mode of close server can be a Password-Enabled server access, i.e., have in the access white list of the background server and The only identity information of the proof such as the IP address of the encryption server or MAC Address encryption server.With a kind of safe side Formula guarantees the communication security of the interactive process between encryption server and background server, further enhances the peace of web station system Quan Xing.
S205, encryption server correspond to first page data using the first cipher mode and are encrypted to obtain second page number According to.
Here, the first cipher mode is the peace before encrypting the first page data in encryption server and terminal device The cipher mode of full plug-in unit agreement.Safety insert in some possible implementations, in encryption server and terminal device Encrypting and decrypting mode can periodically be arranged.First cipher mode is specifically as follows the safety of encryption server and terminal device The cipher mode in encrypting and decrypting mode that plug-in unit is arranged for the last time before encrypting the first page data.Cipher mode Particular content can be found in foregoing description, and details are not described herein again.
Optionally, the first cipher mode can have following situations:
The first situation, the first cipher mode are that encryption server is set after getting the first page data with terminal The cipher mode of safety insert agreement in standby.Encryption server can be after getting the first page data, with terminal Safety insert in equipment negotiates the encrypting and decrypting mode of the first page data, i.e. agreement encryption server for encrypting first page Cipher mode and the safety insert that face data uses decrypt the manner of decryption of the use of the first page data, the agreement The cipher mode that the encryption server for encrypting first page data use is the first cipher mode.
Second situation, the first cipher mode are that encryption server sends the access to target pages in terminal device and asks The cipher mode arranged before asking with the safety insert in terminal device.If encryption server is not getting the first page Negotiate the encrypting and decrypting mode of the first page data after data with the safety insert in terminal device, then encryption server will The encrypting and decrypting arranged before terminal device sends the access request to target pages with the safety insert in terminal device Cipher mode in mode is as the first cipher mode.
In the specific implementation, encryption server is somebody's turn to do the corresponding encryption key of the first cipher mode and first page data The corresponding operation of first cipher mode obtains second page data.
S206, encryption server send second page data to terminal device, and terminal device receives second page data.
S207, terminal device are decrypted second page data by safety insert to obtain first page data.
Safety insert in terminal device carries out second page data according to the manner of decryption arranged with encryption server Decryption obtains first page data, and the manner of decryption is corresponding with above-mentioned first cipher mode.The manner of decryption can for The encrypting and decrypting side that the safety insert of terminal device and encryption server last time are arranged before encrypting the first page data Manner of decryption in formula.The particular content of manner of decryption can be found in foregoing description, and details are not described herein again.
If the first cipher mode is the first above-mentioned situation, which is that the safety insert of the terminal device exists The encryption server gets the manner of decryption arranged after first page data with the plug-in unit;If the first cipher mode is upper Second situation is stated, then the manner of decryption is that the safety insert of the terminal device sends the visit to target pages in terminal device Ask the manner of decryption arranged before request with encryption server.
In the specific implementation, the safety insert in terminal device is to second page data and the corresponding decryption of the manner of decryption Key carries out the corresponding operation of the manner of decryption and obtains first page data.
S208, terminal device is according to first page data shows target pages.
Specifically, first page data are sent to the website client end in terminal device by the safety insert of terminal device, Website client end shows the target pages according to the first page data.
Third page data is sent to terminal device by S209, encryption server, and terminal device receives third page data.
Here, third page data is page data corresponding to the corresponding downloading page of safety insert, encryption server Third page data can be obtained from the server that safety insert download service is provided, and be then sent to terminal device, this is mentioned Server for safety insert download service can be the encryption server, or the background server can also be it His server.
Optionally, encryption server directly can also obtain the safety from the server for providing safety insert download service Plug-in unit, is then sent to terminal device for the safety insert, and terminal device executes step S211 according to the safety insert.
S210, terminal device is from the corresponding downloading page-downloading safety insert of safety insert.
S211, terminal device install safety insert in terminal device.
After installing safety insert, terminal device can execute step S201, initiate the access request to target pages.
In the embodiment of the present invention, encryption server is when receiving the access request of terminal device initiation, if terminal is set It is not installed with safety insert in standby, then the page link for downloading safety insert or the safety insert are sent to end by encryption server End equipment, so that installing terminal equipment has safety insert, if it is determined that have safety insert in terminal device, then encryption server benefit The corresponding page data of the access request is encrypted with the cipher mode arranged with the safety insert, and encryption is obtained Page data is sent to terminal device, guarantees that the page data that can be obtained to encryption in terminal device is decrypted to obtain and does not add Close page data is to show the corresponding target pages of the access request.Due to being distinguished using encryption server and safety insert Page data is encrypted and decrypted, page data is to be transmitted in transmission process in the form of ciphertext, can be to avoid scanning The tool of the scanning page such as device, reptile instrument is directly obtained page data, avoids the number of page when flow is kidnapped According to being acquired and distort.
In the corresponding embodiment of fig. 2 described above, in the case where safety insert is equipped in terminal device, terminal device can To get the original data of web station system, the safety insert is for being decrypted the page data that terminal device receives To original page data, in some possible implementations, which be can be also used for terminal device to from the background The parameter information that server is submitted is encrypted.Fig. 3 is participated in, Fig. 3 is that another communication data provided in an embodiment of the present invention adds The flow diagram of decryption method, this method are performed in the case where being equipped with safety insert in terminal device, this method comprises:
S301, terminal device obtain the page by parameter and obtain the second parameter that user inputs.
In the embodiment of the present invention, parameter obtains the page and refers to that user can be with input data and the page submitted, parameter The page is specifically as follows login page, user information fills in the page for acquisition, consumers' opinions submits page, etc..Second parameter is The information of user's input, user name, password, the identifying code etc. that the second parameter can be inputted by login page for user, second Parameter may be that user is filled in name, gender, the age etc. that the page is filled in by user information, and the second parameter can also be use Message, the suggestion etc. that family is submitted, are not limited to description here.
S302, terminal device encrypt the second parameter by safety insert to obtain the first parameter.
Here, the safety insert of terminal device adds the second parameter according to the cipher mode arranged with encryption server It is close to obtain the first parameter.The cipher mode can be encrypted for terminal device before first parameter safety insert of terminal device with Cipher mode in the encrypting and decrypting mode of encryption server last time agreement.The particular content of cipher mode can be found in aforementioned Description, details are not described herein again.
In the specific implementation, the safety insert in terminal device can be corresponding to the cipher mode of the second parameter and the agreement Encryption key carry out the corresponding operation of the cipher mode and obtain the first parameter.
S303, terminal device initiate parameter and submit request, and encryption server, which gets parms, submits request, and parameter submits request Including the first parameter.
Here, parameter is submitted and carries a URL in request, which is directed toward an IP address, which is that the parameter mentions Request is handed over to submit the address of parameter.The IP address that the URL carried in the IP address and access request that the URL is directed toward is directed toward is identical. Terminal device initiates parameter submission request and encryption server gets parms and submits the specific implementation of request that can refer to Aforementioned terminals equipment initiates access request and encryption server obtains the description of access request, and details are not described herein again.
S304, encryption server are decrypted the first parameter to obtain the second parameter using the first manner of decryption.
Here, the first manner of decryption is that terminal device encrypts the safety insert of terminal device and encryption before first parameter Manner of decryption in the encrypting and decrypting mode of server last time agreement.The particular content of manner of decryption can be found in aforementioned retouch It states, details are not described herein again.
In the specific implementation, encryption server carries out first parameter and the corresponding decruption key of first manner of decryption The corresponding operation of first manner of decryption obtains the second parameter.
Second parameter is sent to background server by S305, encryption server, and background server receives the second parameter.
In the embodiment of the present invention, the second parameter is sent to background server and encryption server to backstage by encryption server The corresponding resource acquisition request of server transmission target pages is similar, and in the case where a kind of possible, encryption server can root It is submitted according to the parameter and requests to determine that the parameter submits the corresponding IP address of request, submitted according to the parameter and request corresponding IP address Second parameter is sent to background server;In the case where alternatively possible, encryption server submits in request the parameter URL parsed to obtain the IP address of the background server, the IP address then obtained according to the parsing is sent out to background service Give second parameter.
S306, background server send the 4th page data according to the second parameter, and cryptographic services obtain the 4th page data.
Here, background server sends the 4th page data according to the second parameter and encryption server obtains the third page The mode of data can refer to abovementioned steps S204 background server and send the corresponding first page data of target pages and encryption Server obtains the description of the corresponding first page data of target pages, and details are not described herein again.
Optionally, possible at the first in the case where the URL that parameter submission request carries is the first above-mentioned design Implementation in, encryption server and background server can be communicated based on HTTPS agreement.Encryption server is based on HTTPS agreement sends the second parameter to background server, encryption server be based on HTTPS agreement to encryption server send this Four page datas.In the second possible implementation, the access mode of the encryption server can be a Password-Enabled clothes Business device access.The communication security for guaranteeing the interactive process between encryption server and background server by security means, into one Step enhances the safety of web station system.
S307, encryption server are encrypted to obtain the 5th page number using corresponding 4th page data of the second cipher mode According to.
5th page data is sent to terminal device by S308, encryption server, and terminal device receives the 5th page data.
S309, terminal device are decrypted to obtain the 4th page data using safety insert to the 5th page data.
S310, terminal device show the corresponding page of the 4th page data.
Here, the specific implementation class of the specific implementation of step S307~S310 and above-mentioned steps S204~S207 Seemingly, it can refer to the description of abovementioned steps S204~S207, details are not described herein again.
In the embodiment of the present invention, safety insert and encryption server in terminal device, which are respectively completed, passes through terminal device Parameter obtains the parameter that the page is got and is encrypted and decrypted, so that these parameters are passed in the form of ciphertext in the process of transmission It is defeated, so that these parameters be avoided to be acquired during transmission, protected in the case where having no need to change original web site architecture Safety and the privacy of parameter are demonstrate,proved.
Above describe the methods of the embodiment of the present invention, and the device of the embodiment of the present invention is described below.
Referring to fig. 4, Fig. 4 is a kind of composed structure schematic diagram of encryption of communicated data device provided in an embodiment of the present invention, The device 40 can be a part of encryption server or encryption server in above-mentioned Fig. 1 or Fig. 2-embodiment shown in Fig. 3, The device 40 includes:
Access request obtains module 401, for obtaining the access request to target pages of terminal device initiation;
Page data obtains module 402, for determining there is safety in the terminal device according to the access request In the case where plug-in unit, the target pages pair are obtained from the corresponding background server of the target pages according to the access request The first page data answered, the safety insert is for encryption or ciphertext data;
Encrypting module 403, for using the first cipher mode arranged with the safety insert to the first page number According to being encrypted to obtain second page data;
Page data sending module 404, for sending the second page data to the terminal device, so that the end End equipment is decrypted the second page data by the safety insert to obtain the first page data.
In a kind of possible design, the device 40 further include:
Page push module 405 is downloaded, for determining that there is no peaces in the terminal device according to the access request In the case where full plug-in unit, third page data is sent to the terminal device, so that the terminal device is inserted from the safety Safety insert described in the corresponding downloading page-downloading of part is simultaneously installed in the terminal device, and the third page data is described Download the corresponding page data of the page.
In a kind of possible design, the device 40 further include:
Request module 406 is submitted, submits request for obtaining the parameter that the terminal device is initiated, the parameter mentions Handing over request includes the first parameter, and first parameter is that the terminal device adds the second parameter by the safety insert Close obtained parameter, second parameter are the parameter that the terminal device obtains that the page is got by parameter;
Deciphering module 407, for using the first manner of decryption for arranging with the safety insert to first parameter into Row decryption obtains second parameter;
Parameter sending module 408 is also used to second parameter being sent to the background server.
In a kind of possible design, the page data obtains module 402 and is also used to obtain the background server root The 4th page data returned according to second parameter;
The encrypting module 403 is also used to using the second cipher mode arranged with the safety insert to described page four Face data is encrypted to obtain the 5th page data;
The page data sending module 404 is also used to send the 5th page data to the terminal device, so that The terminal device is decrypted to obtain the 4th page data by the safety insert to the 5th page data.
In a kind of possible design, the parameter sending module 408 is specifically used for: the super text based on security socket layer Second parameter is sent to the background server by this transmission HTTPS agreement;
The page data, which obtains, to be used for 402 today of module: obtaining the background server according to the second parameter base In the 4th page data that the HTTPS agreement returns.
In a kind of possible design, described device further include:
Judgment module 409, for judging whether the access request is CIPHERING REQUEST;
If the access request is not CIPHERING REQUEST, the judgment module 409 determines not to be deposited in the terminal device In safety insert;
If the access request is CIPHERING REQUEST, the judgment module 409, which determines, has peace in the terminal device Full plug-in unit.
In a kind of possible design, the page data obtains module 402 and is specifically used for:
The mark of the terminal device is determined according to the access request;
According to determining the second manner of decryption with safety insert agreement of the mark of the terminal device;
The encryption server is decrypted the CIPHERING REQUEST to obtain original visit using second manner of decryption Ask request;
The target pages are obtained from the corresponding background server of the target pages according to the original access request Corresponding first page data.
It should be noted that unmentioned content can be found in the description of embodiment of the method in the corresponding embodiment of Fig. 4, here It repeats no more.
In the embodiment of the present invention, encryption of communicated data device receive terminal device initiation access request when, if It determines there is safety insert in terminal device, then utilizes with the cipher mode of safety insert agreement to the corresponding page of the access request Face data is encrypted, and the obtained page data of encryption is sent to terminal device, since cipher mode is and safety insert Agreement, therefore terminal device can be decrypted to obtain the page of unencryption by the page data that safety insert obtains encryption Face data is to showing the corresponding target pages of the access request, since page data being encrypted, can to avoid scanner, The tool of the scanning page such as reptile instrument is directly obtained page data, avoids the data quilt of page when flow is kidnapped It obtains and distorts.
It is the composed structure signal of another encryption of communicated data device provided in an embodiment of the present invention referring to Fig. 5, Fig. 5 Figure, the device can be one of encryption server or encryption server in above-mentioned Fig. 1 or Fig. 2-embodiment shown in Fig. 3 Point, as shown, the device 50 includes processor 501, memory 502 and communication interface 503.Processor 501, which is connected to, to be deposited Reservoir 502 and communication interface 503, such as processor 501 can be connected to memory 502 and communication interface 503 by bus.
Processor 501 is configured as that the encryption of communicated data device is supported to execute communication data described in Fig. 2-Fig. 3 and add The corresponding function of encryption server in decryption method.The processor 501 can be central processing unit (Central Processing Unit, CPU), network processing unit (Network Processor, NP), hardware chip or any combination thereof.Above-mentioned hardware core Piece can be specific integrated circuit (Application-Specific Integrated Circuit, ASIC), programmable logic Device (Programmable Logic Device, PLD) or combinations thereof.Above-mentioned PLD can be Complex Programmable Logic Devices (Complex Programmable Logic Device, CPLD), field programmable gate array (Field- Programmable Gate Array, FPGA), Universal Array Logic (Generic Array Logic, GAL) or its any group It closes.
502 memory of memory is for storing program code etc..Memory 502 may include volatile memory (Volatile Memory, VM), such as random access memory (Random Access Memory, RAM);Memory 502 It may include nonvolatile memory (Non-Volatile Memory, NVM), such as read-only memory (Read-Only Memory, ROM), flash memory (flash memory), hard disk (Hard Disk Drive, HDD) or solid state hard disk (Solid-State Drive, SSD);Memory 502 can also include the combination of the memory of mentioned kind.The present invention is implemented In example, memory 502 is for storing program, key of encryption of communicated data etc..
The communication interface 503 is for sending or receiving data.
Processor 501 can call said program code to execute following operation:
The access request to target pages that terminal device is initiated is obtained by communication interface 503;
It determines in the terminal device according to the access request there are in the case where safety insert, passes through communication interface 503 obtain the corresponding first page of the target pages from the corresponding background server of the target pages according to the access request Face data, the safety insert is for encryption or ciphertext data;
The first page data are encrypted using the first cipher mode arranged with the safety insert to obtain Two page datas;
The second page data are sent to the terminal device by communication interface 503, so that the terminal device is logical The safety insert is crossed the second page data are decrypted to obtain the first page data.
The embodiment of the present invention also provides a kind of computer storage medium, and the computer storage medium is stored with computer journey Sequence, the computer program include program instruction, and described program instruction executes the computer such as Method described in previous embodiment, the computer can be a part of encryption of communicated data device mentioned above.Such as For above-mentioned processor 501.
Those of ordinary skill in the art will appreciate that realizing all or part of the process in above-described embodiment method, being can be with Relevant hardware is instructed to complete by computer program, the program can be stored in a computer-readable storage medium In, the program is when being executed, it may include such as the process of the embodiment of above-mentioned each method.Wherein, the storage medium can be magnetic Dish, CD, read-only memory (Read-Only Memory, ROM) or random access memory (Random Access Memory, RAM) etc..
The above disclosure is only the preferred embodiments of the present invention, cannot limit the right model of the present invention with this certainly It encloses, therefore equivalent changes made in accordance with the claims of the present invention, is still within the scope of the present invention.

Claims (10)

1. a kind of encryption of communicated data method characterized by comprising
Obtain the access request to target pages that terminal device is initiated;
It determines in the terminal device according to the access request there are in the case where safety insert, according to the access request The corresponding first page data of the target pages, the safety insert are obtained from the corresponding background server of the target pages For encryption or ciphertext data;
The first page data are encrypted to obtain second page using the first cipher mode arranged with the safety insert Face data;
The second page data are sent to the terminal device, so that the terminal device is by the safety insert to described Second page data are decrypted to obtain the first page data.
2. the method according to claim 1, wherein the method also includes:
In the case where being determined in the terminal device according to the access request there is no safety insert, by third page data It is sent to the terminal device, so that the terminal device described in the corresponding downloading page-downloading of the safety insert from inserting safely Part is simultaneously installed in the terminal device, and the third page data is the corresponding page data of the downloading page.
3. method according to claim 1 or 2, which is characterized in that described to send the second page to the terminal device After face data further include:
It obtaining the parameter that the terminal device is initiated and submits request, it includes the first parameter that the parameter, which submits request, and described first Parameter is the parameter that the terminal device encrypts the second parameter by the safety insert, and second parameter is The terminal device obtains the parameter that the page is got by parameter;
First parameter is decrypted using the first manner of decryption arranged with the safety insert to obtain second ginseng Number;
Second parameter is sent to the background server.
4. according to the method described in claim 3, described second parameter is sent to after the background server is also wrapped It includes:
Obtain the 4th page data that the background server is returned according to second parameter;
The 4th page data is encrypted to obtain page five using the second cipher mode arranged with the safety insert Face data;
The 5th page data is sent to the terminal device, so that the terminal device is by the safety insert to described 5th page data is decrypted to obtain the 4th page data.
5. according to the method described in claim 4, it is characterized in that, described send out second parameter encryption server Giving the background server includes:
Second parameter is sent to the background server by the Hyper text transfer HTTPS agreement based on security socket layer;
It is described to obtain the background server according to the 4th page data that second parameter returns and include:
Obtain the 4th page data that the background server is returned according to second parameter based on the HTTPS agreement.
6. method according to claim 1 or 2, which is characterized in that it is described obtain terminal device initiate to target pages Access request after further include:
Judge whether the access request is CIPHERING REQUEST;
If the access request is not CIPHERING REQUEST, it is determined that safety insert is not present in the terminal device;
If the access request is CIPHERING REQUEST, it is determined that there are safety inserts in the terminal device.
7. according to the method described in claim 6, it is characterized in that, it is described according to the access request from the target pages pair The background server answered obtains the corresponding first page data of the target pages
The mark of the terminal device is determined according to the access request;
According to determining the second manner of decryption with safety insert agreement of the mark of the terminal device;
The encryption server is decrypted to obtain original access and ask using second manner of decryption to the CIPHERING REQUEST It asks;
The target pages are obtained from the corresponding background server of the target pages according to the original access request to correspond to First page data.
8. a kind of encryption of communicated data device characterized by comprising
Access request obtains module, for obtaining the access request to target pages of terminal device initiation;
Page data obtains module, for determining the feelings in the terminal device there are safety insert according to the access request Under condition, the target pages corresponding first are obtained from the corresponding background server of the target pages according to the access request Page data, the safety insert is for encryption or ciphertext data;
Encrypting module, for being added using the first cipher mode arranged with the safety insert to the first page data It is close to obtain second page data;
Page data sending module, for sending the second page data to the terminal device, so that the terminal device The second page data are decrypted by the safety insert to obtain the first page data.
9. a kind of encryption of communicated data device, including processor, memory and communication interface, the processor, memory and Communication interface is connected with each other, wherein the communication interface is for sending or receiving data, and the memory is for storing program generation Code, the processor execute the method according to claim 1 to 7 for calling said program code.
10. a kind of computer storage medium, which is characterized in that the computer storage medium is stored with computer program, described Computer program includes program instruction, and described program instruction makes the processor execute such as claim when being executed by a processor The described in any item methods of 1-7.
CN201810852593.2A 2018-07-27 2018-07-27 Communication data encryption method and device Active CN109067739B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201810852593.2A CN109067739B (en) 2018-07-27 2018-07-27 Communication data encryption method and device
PCT/CN2018/107638 WO2020019478A1 (en) 2018-07-27 2018-09-26 Communication data encryption method and apparatus

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810852593.2A CN109067739B (en) 2018-07-27 2018-07-27 Communication data encryption method and device

Publications (2)

Publication Number Publication Date
CN109067739A true CN109067739A (en) 2018-12-21
CN109067739B CN109067739B (en) 2021-10-08

Family

ID=64831706

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810852593.2A Active CN109067739B (en) 2018-07-27 2018-07-27 Communication data encryption method and device

Country Status (2)

Country Link
CN (1) CN109067739B (en)
WO (1) WO2020019478A1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110995683A (en) * 2019-11-26 2020-04-10 深圳市思迪信息技术股份有限公司 Hardware information acquisition method and device based on Web page and computer equipment
CN112948824A (en) * 2021-03-31 2021-06-11 支付宝(杭州)信息技术有限公司 Program communication method, device and equipment based on privacy protection
CN113079492A (en) * 2021-03-22 2021-07-06 广东湾区智能终端工业设计研究院有限公司 Information sharing method and device
CN113326519A (en) * 2021-06-09 2021-08-31 支付宝(杭州)信息技术有限公司 Data acquisition method and device

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111541758B (en) * 2020-04-17 2023-06-16 支付宝(杭州)信息技术有限公司 Page updating method and device
CN111866124B (en) * 2020-07-17 2022-06-24 北京金山云网络技术有限公司 Method, device, server and machine-readable storage medium for accessing webpage
CN114066447B (en) * 2020-07-29 2024-06-07 新开普电子股份有限公司 Card encryption method based on browser
CN114189370B (en) * 2021-11-30 2024-09-06 新华三云计算技术有限公司 Access method and device
CN114760143B (en) * 2022-04-26 2024-08-13 中国邮政储蓄银行股份有限公司 Communication data decryption method, communication data decryption device and communication data decryption system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101299753A (en) * 2008-06-17 2008-11-05 浙江大学 Web service security control mechanism based on proxy server
CN104580086A (en) * 2013-10-17 2015-04-29 腾讯科技(深圳)有限公司 Information transmission method, client side, server and system
CN105450662A (en) * 2015-12-25 2016-03-30 小米科技有限责任公司 Encryption method and device
CN106412024A (en) * 2016-09-07 2017-02-15 网易无尾熊(杭州)科技有限公司 Page acquisition method and device
CN107070812A (en) * 2017-05-02 2017-08-18 武汉绿色网络信息服务有限责任公司 A kind of HTTPS protocal analysises method and its system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040059945A1 (en) * 2002-09-25 2004-03-25 Henson Kevin M. Method and system for internet data encryption and decryption
US7757074B2 (en) * 2004-06-30 2010-07-13 Citrix Application Networking, Llc System and method for establishing a virtual private network
CN104217173B (en) * 2014-08-27 2018-04-17 武汉理工大学 A kind of data and file encrypting method for browser

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101299753A (en) * 2008-06-17 2008-11-05 浙江大学 Web service security control mechanism based on proxy server
CN104580086A (en) * 2013-10-17 2015-04-29 腾讯科技(深圳)有限公司 Information transmission method, client side, server and system
CN105450662A (en) * 2015-12-25 2016-03-30 小米科技有限责任公司 Encryption method and device
CN106412024A (en) * 2016-09-07 2017-02-15 网易无尾熊(杭州)科技有限公司 Page acquisition method and device
CN107070812A (en) * 2017-05-02 2017-08-18 武汉绿色网络信息服务有限责任公司 A kind of HTTPS protocal analysises method and its system

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110995683A (en) * 2019-11-26 2020-04-10 深圳市思迪信息技术股份有限公司 Hardware information acquisition method and device based on Web page and computer equipment
CN113079492A (en) * 2021-03-22 2021-07-06 广东湾区智能终端工业设计研究院有限公司 Information sharing method and device
CN113079492B (en) * 2021-03-22 2022-04-05 广东湾区智能终端工业设计研究院有限公司 Information sharing method and device
CN112948824A (en) * 2021-03-31 2021-06-11 支付宝(杭州)信息技术有限公司 Program communication method, device and equipment based on privacy protection
CN112948824B (en) * 2021-03-31 2022-04-26 支付宝(杭州)信息技术有限公司 Program communication method, device and equipment based on privacy protection
CN113326519A (en) * 2021-06-09 2021-08-31 支付宝(杭州)信息技术有限公司 Data acquisition method and device

Also Published As

Publication number Publication date
CN109067739B (en) 2021-10-08
WO2020019478A1 (en) 2020-01-30

Similar Documents

Publication Publication Date Title
CN109067739A (en) Encryption of communicated data method and apparatus
US20200068394A1 (en) Authentication of phone caller identity
JP5978759B2 (en) Service request apparatus, service providing system, service request method, and service request program
CN108965311A (en) Encryption of communicated data method and apparatus
CN103428221B (en) Safe login method, system and device to Mobile solution
CN111615105B (en) Information providing and acquiring method, device and terminal
US11736304B2 (en) Secure authentication of remote equipment
US20110167263A1 (en) Wireless connections to a wireless access point
JP2019046496A (en) Automatic placeholder finder and filler
CN110276000B (en) Method and device for acquiring media resources, storage medium and electronic device
CN109889510B (en) Multiple encryption method for service provider transmitting service message
US20170317836A1 (en) Service Processing Method and Apparatus
EP3614292A1 (en) File transfer system comprising an upload, storage and download device
CN113259100A (en) TEE-based federal recommendation method, device, equipment and medium
CN113949566A (en) Resource access method, device, electronic equipment and medium
CN107911344A (en) A kind of safe docking calculation of cloud platform
Fahl et al. Trustsplit: usable confidentiality for social network messaging
JP2023532976A (en) Method and system for verification of user identity
KR20230100745A (en) Zero Trust Endpoint Network Security Device
JP4750765B2 (en) Authentication processing system, authentication device, authentication processing method, and authentication processing program
WO2017024588A1 (en) Service processing method and apparatus
CN109800587A (en) Data ciphering method between terminal device and server
JP6167598B2 (en) Information processing apparatus, information processing method, and computer program
JP5108082B2 (en) Authentication processing system, authentication processing method, and authentication processing program
Azizul et al. Authentication and Authorization Design in Honeybee Computing

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant